11 October 2022 – French Criminal Division of the Court of Cassation provided a landmark ruling on evidence from hacked EncroChat.
It could affect hundreds of criminal investigations, prosecutions, and investigations in the UK.
The Court found that French investigators and prosecutors had failed to supply a certificate to authenticate intercepted phone data obtained from EncroChat phones as required by French law. It was also held that French police did not disclose, on the grounds of defence secrecy, how Dutch and French authorities undertook the hacking operation on EncroChat in which 120 million messages from more than 30,000 EncroChat phone users were recovered.
The French decision has enormous implications for those in the UK who have been convicted or are currently being prosecuted or investigated because of information gained from the EncroChat hack. The general consensus is that if the evidence obtained through the hack is unlawful in France, then the UK courts are likely to reach a similar conclusion. This opinion is backed up by the fact that both Germany and Ireland have respectively suspended/ chosen not to use evidence obtained from EncroChat.
What is EncroChat?
EncroChat was a European communication network and service provider which allowed users who installed the software on their Android phones to make encrypted calls, send encrypted messages, and author encrypted notes. EncroChat software also provided a ‘panic’ button that when pressed would immediately erase the phone’s contents. A self-destruct function was also available.
This all sounds very James Bondish and to an extent it is. EncroChat provided the seemingly secure communication platform that previous solutions such as burner phones and Pretty Good Privacy’ (PGP) could no longer give.
It must be emphasised that EncroChat was not used exclusively by those involved in criminal activity. The encryption and panic button features proved useful for those engaging in infidelity or for people who, for lawful reasons, wanted to ensure secure communications.
The French and Dutch hacking operation successfully blew EncroChat’s security apart. The question ever since has been “can the evidence obtained from the hacked data be challenged as unlawful”?
Can Encrochat intercepted communications be relied on in UK criminal cases?
Section 56(1) of the Investigatory Powers Act 2016 (IPA 2016) provides that evidence obtained from live monitored communications (for example phone tapping) is deemed unreliable if the interception was conducted in the UK and at least one of the parties to the communication is present in the country.
To be relied on in a court in England and Wales, the prosecution will need to prove that any EncroChat interception took place in France. This is an extremely tricky undertaking, especially given that French authorities are refusing to disclose their methodology.
Why did the French court rule that evidence can be challenged by the defence?
The case arose from an appeal concerning the judgment of the Nancy Court of Appeal in the matter of Saïd Zaoui, who was arrested in June 2020 and indicted on charges of importing narcotics and possession of weapons and ammunition following the EncroChat hack. Because the investigative technique used by the police came under the category of national security, the defence was not able to assess how the hack was done. However, French law states that in such cases, the police must produce a ‘certificate of truthfulness’. The court in Nancy ruled that the police did not have to produce the certificate.
The Court of Cassation stated the lower court erred in this decision and referred the case back to a Metz court to establish if a certificate of truthfulness exists.
Highly reliable sources have indicated that there is no such certificate in existence.
What will happen with UK cases involving EncroChat evidence?
In September 2022, the Investigatory Powers Tribunal (IPT) heard that the National Crime Agency (NCA) “deliberately concealed” information when it applied for a warrant to access hundreds of thousands of intercepted messages and photographs from EncroChat. The inceptions were accessed as part of Operation Venetic which led to the arrest of 1,550 people across the UK plus the seizure of 115 firearms, £54m in cash, and substantial quantities of illegal drugs.
Also, the Court of Appeal ruled that data acquired through EncroChat were admissible as evidence as they were accessed through equipment interference rather than interception, the latter of which would have triggered the provision contained in Section 56(1) of the IPA 2016 (see above). But criminal defence solicitors have argued in the IPT that the NCA failed to fully explain to the judge who authorised the EncroChat surveillance warrant how the French and Dutch authorities were obtaining the data. This allowed the NCA to acquire a Targeted Equipment Interference (TEI) warrant which ensured the evidence obtained was admissible in court. Defence solicitors told the IPT that the correct warrant for the EncroChat operation would have been a Targeted Intercept (TI) warrant. TI evidence can not be relied on in court.
The French decision is likely to strengthen defence solicitors’ arguments against the NCA’s “tenuous basis” for a TEI warrant. UK solicitors have a basis to challenge any convictions, prosecutions, or investigations relying on hacked Encrochat evidence.
If you have been convicted, arrested, or are currently being investigated regarding EncroChat data, you must contact us immediately. Our highly experienced criminal defence solicitors will advise you on what to do in light of the French court’s decision.
For more information on this area, please read previous articles and/or watch videos we have published on the topic:
- EncroChat Hack: What next? | Eldwick Law
- Encro Phones – Eldwick Law Defence Strategy June 2020 – YouTube
- The EncroChat police hacking sets a dangerous precedent | Privacy | Al Jazeera
Share this Post